On Tue, 19 Dec 2000, Manuel Bouyer wrote:

> I'm not sure this is the best, because you could have to encrypt/decrypt
> to much data, which will hurt performances. You may also run in the
> problem that the crypted data are biggers than the original.
> A way to do this would be to write a layered filesystem that files, and
> possibly files names in directory.

Very few cryptosystems have any affect whatsoever on the file sizes! It
will be easy to just call a function on each 512-byte block as it goes
to/from the disk... it'll add a few microseconds of latency to disk access
and slightly increase the CPU usage during disk I/O, but since disk
bandwidth is so low, I doubt it'll be significant unless the cypher is
naff - and there are crypto algorithms that keep the security in a large
key initialisation ("login") time, during which large look up tables are
created, while the actual encryption/decryption runs very fast.

ABS

-- 
                               Alaric B. Snell
 http://www.alaric-snell.com/  http://RFC.net/  http://www.warhead.org.uk/
   Any sufficiently advanced technology can be emulated in software